The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a users computer.
Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Firefox | Mozilla | * | 119.0 (excluding) |
| Firefox_esr | Mozilla | * | 115.4 (excluding) |
| Thunderbird | Mozilla | * | 115.4.1 (excluding) |
| Firefox | Ubuntu | bionic | * |
| Firefox | Ubuntu | lunar | * |
| Firefox | Ubuntu | trusty | * |
| Firefox | Ubuntu | xenial | * |
| Mozjs102 | Ubuntu | devel | * |
| Mozjs102 | Ubuntu | esm-apps/noble | * |
| Mozjs102 | Ubuntu | jammy | * |
| Mozjs102 | Ubuntu | lunar | * |
| Mozjs102 | Ubuntu | mantic | * |
| Mozjs102 | Ubuntu | noble | * |
| Mozjs102 | Ubuntu | upstream | * |
| Mozjs38 | Ubuntu | bionic | * |
| Mozjs38 | Ubuntu | esm-apps/bionic | * |
| Mozjs38 | Ubuntu | upstream | * |
| Mozjs52 | Ubuntu | bionic | * |
| Mozjs52 | Ubuntu | esm-apps/focal | * |
| Mozjs52 | Ubuntu | esm-infra/bionic | * |
| Mozjs52 | Ubuntu | focal | * |
| Mozjs52 | Ubuntu | upstream | * |
| Mozjs68 | Ubuntu | focal | * |
| Mozjs68 | Ubuntu | upstream | * |
| Mozjs78 | Ubuntu | esm-apps/jammy | * |
| Mozjs78 | Ubuntu | jammy | * |
| Mozjs78 | Ubuntu | lunar | * |
| Mozjs78 | Ubuntu | upstream | * |
| Mozjs91 | Ubuntu | jammy | * |
| Mozjs91 | Ubuntu | upstream | * |
| Thunderbird | Ubuntu | bionic | * |
| Thunderbird | Ubuntu | devel | * |
| Thunderbird | Ubuntu | focal | * |
| Thunderbird | Ubuntu | jammy | * |
| Thunderbird | Ubuntu | lunar | * |
| Thunderbird | Ubuntu | mantic | * |
| Thunderbird | Ubuntu | noble | * |
| Thunderbird | Ubuntu | trusty | * |
| Thunderbird | Ubuntu | xenial | * |